The battle for the future of the Open Web is taking place as a new document model merges into a platform for highly graphical, interactive and information rich applications. Open source communities vie with dominant vendors Adobe, Microsoft, Apple, Cisco, Nokia and Google to stake out their claims as open source innovations collide with standards consortia and proprietary alternatives.

NSA spies need jobs, too. And that is why many covert programs could be hiding in plain sight.

Job websites such as LinkedIn and Indeed.com contain hundreds of profiles that reference classified NSA efforts, posted by everyone from career government employees to low-level IT workers who served in Iraq or Afghanistan. They offer a rare glimpse into the intelligence community's projects and how they operate. Now some researchers are using the same kinds of big-data tools employed by the NSA to scrape public LinkedIn profiles for classified programs. But the presence of so much classified information in public view raises serious concerns about security — and about the intelligence industry as a whole.

“I’ve spent the past couple of years searching LinkedIn profiles for NSA programs,” said Christopher Soghoian, the principal technologist with the American Civil Liberties Union’s Speech, Privacy and Technology Project.

On Aug. 3, The Wall Street Journal published a story about the FBI’s growing use of hacking to monitor suspects, based on information Soghoian provided. The next day, Soghoian spoke at the Defcon hacking conference about how he uncovered the existence of the FBI’s hacking team, known as the Remote Operations Unit (ROU), using the LinkedIn profiles of two employees at James Bimen Associates, with which the FBI contracts for hacking operations.

“Had it not been for the sloppy actions of a few contractors updating their LinkedIn profiles, we would have never known about this,” Soghoian said in his Defcon talk. Those two contractors were not the only ones being sloppy.

“I was, like, huh, maybe there’s more we can do with this — actually get a list of all these profiles that have these results and use that to analyze the structure of which companies are helping with which programs, which people are helping with which programs, try to figure out in what capacity, and learn more about things that we might not know about,” McGrath said.

He set up a computer program called a scraper to search LinkedIn for public profiles that mention known NSA programs, contractors or jargon — such as SIGINT, the agency’s term for “signals intelligence” gleaned from intercepted communications. Once the scraper found the name of an NSA program, it searched nearby for other words in all caps. That allowed McGrath to find the names of unknown programs, too.

Once McGrath had the raw data — thousands of profiles in all, with 70 to 80 different program names — he created a network graph that showed the relationships between specific government agencies, contractors and intelligence programs. Of course, the data are limited to what people are posting on their LinkedIn profiles. Still, the network graph gives a sense of which contractors work on several NSA programs, which ones work on just one or two, and even which programs military units in Iraq and Afghanistan are using. And that is just the beginning.

And there are many more. A quick search of Indeed.com using three code names unlikely to return false positives — Dishfire, XKeyscore and Pinwale — turned up 323 résumés. The same search on LinkedIn turned up 48 profiles mentioning Dishfire, 18 mentioning XKeyscore and 74 mentioning Pinwale. Almost all these people appear to work in the intelligence industry.

Network-mapping the data

Fabio Pietrosanti of the Hermes Center for Transparency and Digital Human Rights noticed all the code names on LinkedIn last December. While sitting with M.C. McGrath at the Chaos Communication Congress in Hamburg, Germany, Pietrosanti began searching the website for classified program names — and getting serious results. McGrath was already developing Transparency Toolkit, a Web application for investigative research, and knew he could improve on Pietrosanti’s off-the-cuff methods.

Click on the image to view an interactive network illustration of the relationships between specific national security surveillance programs in red, and government organizations or private contractors in blue.

If you think this isn't a tool for some very serious research, check the short descriptions of the modules here. https://github.com/transparencytoolkit
I'll be installing this and doing some test-driving soon. From the source files, the glue for the tools seems to be Ruby on Rails. The development roadmap linked from the last word on this About page is also highly instructive. It ranks among the most detailed dev roadmaps I have ever seen. Notice that it is classified by milestones with scheduled work periods, giving specific date ranges for achievement. Even given the inevitable need to alter the schedule for unforeseen problems, this is a very aggressive (not quite the word I want) development plan and schedule. And the planned changes look to be super-useful, including a lot of "make it easier for the user" changes.

About Transparency Toolkit

We need information about governments, companies, and other institutions to uncover corruption, human rights abuses, and civil liberties violations. Unfortunately, the information provided by most transparency initiatives today is difficult to understand and incomplete. Transparency Toolkit is an open source web application where journalists, activists, or anyone can chain together tools to rapidly collect, combine, visualize, and analyze documents and data.

For example, Transparency Toolkit can be used to get data on all of a legislator’s actions in congress (votes, bills sponsored, etc.), get data on the fundraising parties a legislator attends, combine that data, and show it on a timeline to find correlations between actions in congress and parties attended. It could also be used to extract all locations from a document and plot them on a map where each point is linked to where the location was mentioned in the document.

Analysis Platform

On the analysis platform, users can add steps to the analysis process. These steps chain together the tools, so someone could scrape data, upload a document, crossreference that with the scraped data, and then visualize the result all in less than a minute with little technical knowledge. Some of the tools allow users to specify input, but when this is not the case the output of the last step is the input of the next.

Tools

Existing and planned Transparency Toolkit tools include scrapers and APIs for accessing data, format converters, extraction tools (for dates, names, locations, numbers), tools for crossreferencing and merging data, visualizations (maps, timelines, network graphs, maps), and pattern and trend detecting tools. These tools are designed to work in many cases rather than a single specific situation. The tools can be linked together on Transparency Toolkit, but they are also available individually. Where possible, we build our tools off of existing open source software.

Road Map

You can see the plans for future development of Transparency Toolkit here.

Thursday, May 29, 2014

Haven't yet explored to see what's beneath the marketing hype. And I'm less than excited about the Skype with its NSA tendrils being the vehicle of audio translations of human languages. But given the progress in: [i] automated translations of human texts; [ii] audio screenreaders; and [iii] voice-to-text transcription, this is one we saw coming. Slap the three technologies together and wait until processing power catches up to what's needed to produce a marketable experience. After all, the Star Trek scriptwriters saw this coming too.
Ray Kurzweil, now at Google, should get a lot of the pioneer credit here. His revolutionary optical character recognition algorithms soon found themselves redeployed in text-to-speech synthesis and speech recognition technology. From Wikipedia: "Kurzweil was the principal inventor of the first CCD flatbed scanner, the first omni-font optical character recognition, the first print-to-speech reading machine for the blind, the first commercial text-to-speech synthesizer, the first music synthesizer Kurzweil K250 capable of recreating the grand piano and other orchestral instruments, and the first commercially marketed large-vocabulary speech recognition."
Not bad for a guy the same age as my younger brother.
But Microsoft's announcement here may be more vaporware than hardware in production and lines of executable code. Microsoft has a long history of vaporware announcements to persuade potential customers to hold off on riding with the competition.
And the Softies undoubtedly know that Google's human language text translation capabilities are way out in front and that the voice to text and text to speech API methods have already found a comfortable home in Android and Chromebook.
What does Microsoft have that's ready to ship if anything? I'll check it out tomorrow.

"Today at the first annual Code Conference, Microsoft demonstrated its new real-time translation in Skype publicly for the first time. Gurdeep Pall, Microsoft's VP of Skype and Lync, compares the technology to Star Trek's Universal Translator. During the demonstration, Pall converses in English with a coworker in Germany who is speaking German. 'Skype Translator results from decades of work by the industry, years of work by our researchers, and now is being developed jointly by the Skype and Microsoft Translator teams. The demo showed near real-time audio translation from English to German and vice versa, combining Skype voice and IM technologies with Microsoft Translator, and neural network-based speech recognition.'"

Let's also not forget that what is now named "Verizon" used to be named Bell Atlantic, one of the seven Baby Bells that were spun off by AT&T by government order during antitrust proceedings. In other words, this is one of the companies rate-payers financed through a heavily-regulated analog telephony absolute monopoly. But Verizon wants to spread its wings and escape the chains of regulation as a telecommunications carrier. While having its cake and eating it too, according to this article. The FCC has poised itself through a proposed rule with the flexibility to postpone a decision on net neutrality.
AT&T famously was allowed to keep its R&D arm while being freed of the expense of upgrading the U.S. telephony network from analog to digital and from copper wire to fibre optic.
And pay for those Baby Bells to make that transition we did. I remember monthly bills for a two person office running as high as $1,100 a month for calls all carried from Baby Bell to AT&T and back to another Baby Bell. All at state-regulated rates with FCC looking the other way. But now Verizon, Comcast (the originally municipally regulated cable television monopolies) and the few other "competing" survivors of that broadband rollout, having had their infrastructure paid for by the ratepayers, want to fly off and begin charging us at the other end of the pipe, via charges to content providers that will be passed on to us. Leading to the squeezing out of Mom and Pop internet businesses by the big content providers that can afford the charges and pass them on to us.
This is looking more and more like another massive rip-off of the customers who already paid for that infrastructure.
Is that banksters I smell, privatizing an enormous public utility in the name of free markets?

"Research for the Public Utility Law Project (PULP) has been released which details 'how Verizon deliberately moves back and forth between regulatory regimes, classifying its infrastructure either like a heavily regulated telephone network or a deregulated information service depending on its needs. The chicanery has allowed Verizon to raise telephone rates, all the while missing commitments for high-speed internet deployment' (PDF). In short, Verizon pushed for the government to give it common carrier privileges under Title II in order to build out its fiber network with tax-payer money. Result: increased service rates on telephone users to subsidize Verizon's 'infrastructure investment.' When it comes to regulations on Verizon's fiber network, however, Verizon has been pushing the government to classify its services as that of information only — i.e., beyond Title II. Verizon has made about $4.4 billion in additional revenue in New York City alone, 'money that's funneled directly from a Title II service to an array of services that currently lie beyond Title II's reach.' And it's all legal. An attorney at advocacy group Public Knowledge said it best: 'To expect that you can come in and use public infrastructure and funds to build a network and then be free of any regulation is absurd....When Verizon itself is describing these activities as a Title II common carrier, how can the FCC look at broadband internet and continue acting as though it's not a telecommunication network?'"

Monday, May 26, 2014

A federal appeals court on Friday upheld the Federal Communications Commission’s effort to convert its $4.5 billion program that pays for telephone service in rural parts of the country into one that subsidizes high-speed Internet service in high-cost areas.

The program, known as Connect America, is the largest portion of the $8 billion Universal Service Fund, which pays for a variety of efforts to provide telecommunications links to schools, low-income families and others.

In October 2011, the F.C.C. approved an overhaul of the fund. Soon after its approval, however, the effort was challenged in court by dozens of phone companies. Many were small carriers that provided service in rural areas and that stood to lose annual subsidies because of the changes.

The United States Court of Appeals for the Tenth Circuit, in Denver, rejected the phone companies’ arguments because their claims were “either unpersuasive or barred from judicial review.”

"Addressing the recent controversy over Netflix paying ISPs directly for better data transfer speeds, Google's Director of Network Engineering explains how their Fiber server handles peering. He says, 'Bringing fiber all the way to your home is only one piece of the puzzle. We also partner with content providers (like YouTube, Netflix, and Akamai) to make the rest of your video's journey shorter and faster. (This doesn't involve any deals to prioritize their video 'packets' over others or otherwise discriminate among Internet traffic — we don't do that.) Like other Internet providers, Google Fiber provides the 'last-mile' Internet connection to your home. ... So that your video doesn't get caught up in this possible congestion, we invite content providers to hook up their networks directly to ours. This is called 'peering,' and it gives you a more direct connection to the content that you want. ... We don't make money from peering or colocation; since people usually only stream one video at a time, video traffic doesn't bog down or change the way we manage our network in any meaningful way — so why not help enable it?'"

Thursday, May 22, 2014

China has banned government use of Windows 8, Microsoft Corp's latest operating system, a blow to a U.S. technology company that has long struggled with sales in the country.

The Central Government Procurement Center issued the ban on installing Windows 8 on Chinese government computers as part of a notice on the use of energy-saving products, posted on its website last week.

The official Xinhua news agency said the ban was to ensure computer security after Microsoft ended support for its Windows XP operating system, which was widely used in China.

Tuesday, May 20, 2014

Warning of an erosion of confidence in the products of the U.S. technology industry, John Chambers, the CEO of networking giant Cisco Systems, has asked President Obama to intervene to curtail the surveillance activities of the National Security Agency.

In a letter dated May 15 (obtained by Re/code and reprinted in full below), Chambers asked Obama to create “new standards of conduct” regarding how the NSA carries out its spying operations around the world. The letter was first reported by The Financial Times.

The letter follows new revelations, including photos, published in a book based on documents leaked by former NSA contractor Edward Snowden alleging that the NSA intercepted equipment from Cisco and other manufacturers and loaded them with surveillance software. The photos, which have not been independently verified, appear to show NSA technicians working with Cisco equipment. Cisco is not said to have cooperated in the NSA’s efforts.

They're already so swamped that you have to reserve your user name and wait for an invite. They say they have to add servers. Web site is at https://protonmail.ch/
"ProtonMail works on all devices, including desktops, laptops, tablets, and smartphones. It's as simple as visiting our site and logging in. There are no plugins or apps to install - simply use your favorite web browser."

"A lot of people were upset with those
revelations, and that coalesced into this effort," said Jason Stockman,
a co-developer of ProtonMail, a new encrypted email service which
launched Friday with collaboration of scientists from Harvard, the
Massachusetts Institute of Technology and the European research lab
CERN.

Stockman said ProtonMail aims to be as user-friendly as the
major commercial services, but with extra security, and with its servers
located in Switzerland to make it more difficult for US law enforcement
to access.

By locating in Switzerland, ProtonMail hopes to avoid the legal woes of services like Lavabit, widely believed to be used by Snowden, which shut down rather than hand over data to the US government, and which now faces a contempt of court order.

Even if a Swiss court ordered data to be turned over,
Stockman said, "we would hand over piles of encrypted data. We don't
have a key. We never see the password."

"As our users from China, Iran, Russia, and other countries around the world have shown us in the past months, ProtonMail is an important tool for freedom of speech and we are happy to finally be able to provide this to the whole world," the company said in a blog post.

Google and
Yahoo recently announced efforts to encrypt their email communications,
but some specialists say the effort falls short.

"These big
companies don't want to encrypt your stuff because they spy on you,
too," said Bruce Schneier, a well-known cryptographer and author who is
chief technology officer for CO3 Systems.

"Hopefully, the NSA debate is creating incentives for people to build more encryption."

Stockman
said that with services like Gmail, even if data is encrypted, "they
have the key right next to it if you have the key and lock next to each
other, so it's pretty much useless."

"Our
vision is to make encryption and privacy mainstream by making it easy
to use," Stockman told AFP. "There's no installation. Everything happens
behind the scenes automatically."

Even though email encryption
using special codes or keys, a system known as PGP, has been around for
two decades, "it was so complicated," and did not gain widespread
adoption, Stockman said.

After testing over the past few months, ProtonMail went public Friday using a "freemium" model: a basic account will be free, with some added features for a paid account.

Lavabit
founder Ladar Levison meanwhile hopes to launch a new service with
other developers in a coalition known as the "Dark Mail Alliance."

Levison
told AFP he hopes to have a new encrypted email system in testing
within a few months and widely available later this year.

"The goal is to make it ubiquitous, so people don't have to turn it on," he said.

But
he added that the technical hurdles are formidable, because the more
user-friendly the system becomes, "the more susceptible it is to a
sophisticated attacker with fake or spoofed key information."

Levison said he hopes Dark Mail will become a new open standard that can be adopted by other email services.

Jon Callas, a cryptographer who developed the PGP standard and later co-founded the secure communications firm Silent Circle, cited challenges in making a system that is both secure and ubiquitous.

"If
you are a bank you have to have an email system that complies with
banking regulations," Callas told AFP, which could allow, for example,
certain emails to be subject to regulatory or court review.

"Many
of the services on the Internet started with zero security. We want to
start with a system that is totally secure and let people dial it down."

The
new email system would complement Silent Circle's existing secure
messaging system and encrypted mobile phone, which was launched earlier
this year.

"If we start competing for customers on the basis of maximum privacy, that's good for everybody," Callas said.

Sunday, May 18, 2014

The 28 House members who lobbied the Federal Communications Commission to drop net neutrality this week have received more than twice the amount in campaign contributions from the broadband sector than the average for all House members.

These lawmakers, including the top House leadership, warned the FCC that regulating broadband like a public utility "harms" providers, would be "fatal to the Internet," and could "limit economic freedom."

According to research provided Friday by Maplight, the 28 House members received, on average, $26,832 from the "cable & satellite TV production & distribution" sector over a two-year period ending in December. According to the data, that's 2.3 times more than the House average of $11,651.

What's more, one of the lawmakers who told the FCC that he had "grave concern" (PDF) about the proposed regulation took more money from that sector than any other member of the House. Rep. Greg Walden (R-OR) was the top sector recipient, netting more than $109,000 over the two-year period, the Maplight data shows.

Dan Newman, cofounder and president of Maplight, the California research group that reveals money in politics, said the figures show that "it's hard to take seriously politicians' claims that they are acting in the public interest when their campaigns are funded by companies seeking huge financial benefits for themselves."

Signing a letter to the FCC along with Walden, who chairs the House Committee on Energy and Commerce, were three other key members of the same committee: Reps. Fred Upton (R-MI), Robert Latta (R-OH), and Marsha Blackburn (R-TN). Over the two-year period, Upton took in $65,000, Latta took $51,000, and Blackburn took $32,500.

In a letter (PDF) those representatives sent to the FCC two days before Thursday's raucous FCC net neutrality hearing, the four wrote that they had "grave concern" over the FCC's consideration of "reclassifying Internet broadband service as an old-fashioned 'Title II common carrier service.'"

The letter added that a switchover "harms broadband providers, the American economy, and ultimately broadband consumers, actually doing so would be fatal to the Internet as we know it."

Not every one of the 28 members who publicly lobbied the FCC against net neutrality in advance of Thursday's FCC public hearing received campaign financing from the industry. One representative took no money: Rep. Nick Rahall (D-WV).

In all, the FCC received at least three letters from House lawmakers with 28 signatures urging caution on classifying broadband as a telecommunications service, which would open up the sector to stricter "common carrier" rules, according to letters the members made publicly available.

The US has long applied common carrier status to the telephone network, providing justification for universal service obligations that guarantee affordable phone service to all Americans and other rules that promote competition and consumer choice.

Some consumer advocates say that common carrier status is needed for the FCC to impose strong network neutrality rules that would force ISPs to treat all traffic equally, not degrading competing services or speeding up Web services in exchange for payment. ISPs have argued that common carrier rules would saddle them with too much regulation and would force them to spend less on network upgrades and be less innovative.

Of the 28 House members signing on to the three letters, Republicans received, on average, $59,812 from the industry over the two-year period compared to $13,640 for Democrats, according to the Maplight data.

Another letter (PDF) sent to the FCC this week from four top members of the House, including Speaker John Boehner (R-OH), Majority Leader Eric Cantor (R-VA), Majority Whip Kevin McCarthy (R-CA), and Republican Conference Chair Cathy McMorris Rodgers (R-WA), argued in favor of cable companies:

"We are writing to respectfully urge you to halt your consideration of any plan to impose antiquated regulation on the Internet, and to warn that implementation of such a plan will needlessly inhibit the creation of American private sector jobs, limit economic freedom and innovation, and threaten to derail one of our economy's most vibrant sectors," they wrote.

The third letter (PDF) forwarded to the FCC this week was signed by 20 House members. "We respectfully urge you to consider the effect that regressing to a Title II approach might have on private companies' ability to attract capital and their continued incentives to invest and innovate, as well as the potentially negative impact on job creation that might result from any reduction in funding or investment," the letter said.

Here are the 28 lawmakers who lobbied the FCC this week and their reported campaign contributions:

Friday, May 16, 2014

I'll need to read the proposed rule, but this doesn't sound good. The FCC majority tries to spin this as options still being open, but I don't recall ever seeing formal regulations changed substantially from their proposed form. If there were to be substantial change, another proposal and comment period would be likely. The public cannot comment on what has not been proposed, so substantial departure from the proposal, absent a new proposal and comment period, would offend basic principles of public notice and comment rulemaking under the Administrative Procedures Act.
The proverbial elephant in the room that the press hasn't picked up on yet is the fight that is going on behind the scenes in the Dept. of Justice. If the Anti-trust Division gets its way, DoJ's public comments on the proposed rule could blow this show out of the water. The ISPs are regulated utility monopolies in vast areas of the U.S. with market consolidation at or near the limits of what the anti-trust folk will tolerate. And leveraging one monopoly (service to subscribers) to impose another (fees for internet-based businesses to gain high speed access) is directly counter to the Sherman Act's section 2. http://www.law.cornell.edu/uscode/text/15/2

On Thursday, the Federal Communications Commission voted 3-2 to open for public debate new rules meant to guarantee an open Internet. Before the plan becomes final, though, the chairman of the commission, Tom Wheeler, will need to convince his colleagues and an array of powerful lobbying groups that the plan follows the principle of net neutrality, the idea that all content running through the Internet’s pipes is treated equally.

While the rules are meant to prevent Internet providers from knowingly slowing data, they would allow content providers to pay for a guaranteed fast lane of service. Some opponents of the plan, those considered net neutrality purists, argue that allowing some content to be sent along a fast lane would essentially discriminate against other content.

“We are dedicated to protecting and preserving an open Internet,” Mr. Wheeler said immediately before the commission vote. “What we’re dealing with today is a proposal, not a final rule. We are asking for specific comment on different approaches to accomplish the same goal, an open Internet.”

Mr. Wheeler argued on Thursday that the proposal did not allow a fast lane. But the proposed rules do not address the connection between an Internet service provider, which sells a connection to consumers, and the operators of backbone transport networks that connect various parts of the Internet’s central plumbing.

That essentially means that as long as an Internet service provider like Comcast or Verizon does not slow the service that a consumer buys, the provider can give faster service to a company that pays to get its content to consumers unimpeded.

The plan will be open for comment for four months, beginning immediately.

The public will have until July 15 to submit initial comments on the proposal to the commission, and until Sept. 10 to file comments replying to the initial discussions.

Wednesday, May 14, 2014

Journalist Glenn Greenwald just dropped a pile of new secret National Security Agency documents onto the Internet. But this isn’t just some haphazard WikiLeaks-style dump. These documents, leaked to Greenwald last year by former NSA contractor Edward Snowden, are key supplemental reading material for his new book, No Place to Hide, which went on sale Tuesday.

Now, you could just go buy the book in hardcover and read it like you would any other nonfiction tome. Thanks to all the additional source material, however, if any work should be read on an e-reader or computer, this is it. Here are all the links and instructions for getting the most out of No Place to Hide.

Greenwald has released two versions of the accompanying NSA docs: a compressed version and an uncompressed version. The only difference between these two is the quality of the PDFs. The uncompressed version clocks in at over 91MB, while the compressed version is just under 13MB. For simple reading purposes, just go with the compressed version and save yourself some storage space.

Greenwald also released additional “notes” for the book, which are just citations. Unless you’re doing some scholarly research, you can skip this download.

No Place to Hide is, of course, available on a wide variety of ebook formats—all of which are a few dollars cheaper than the hardcover version, I might add. Pick your e-poison: Amazon, Nook, Kobo, iBooks.

Flipping back and forth

Each page of the documents includes a corresponding page number for the book, to allow readers to easily flip between the book text and the supporting documents.

If you use the Amazon Kindle version, you also have the option of reading Greenwald’s book directly on your computer using the Kindle for PC app or directly in your browser. Yes, that may be the worst way to read a book. In this case, however, it may be the easiest way to flip back and forth between the book text and the notes and supporting documents.

Of course, you can do the same on your e-reader—though it can be a bit of a pain. Those of you who own a tablet are in luck, as they provide the best way to read both ebooks and PDF files. Simply download the book using the e-reader app of your choice, download the PDFs from Greenwald’s website, and dig in.

If you own a Kindle, Nook, or other ereader, you may have to convert the PDFs into a format that works well with your device. The Internet is full of tools and how-to guides for how to do this. Here’s one:

Kindle users also have the option of using Amazon’s Whispernet service, which converts PDFs into a format that functions best on the company’s e-reader. That will cost you a small fee, however—$0.15 per megabyte, which means the compressed Greenwald docs will cost you a whopping $1.95.

Tuesday, May 13, 2014

DMARC is what one might call an emerging e-mail security scheme.
There's a draft on it at draft-kucherawy-dmarc-base-04, intended for
the independent stream. It's emerging pretty fast, since many of the
largest mail systems in the world have already implemented it,
including Gmail, Hotmail/MSN/Outlook, Comcast, and Yahoo.

The reason this matters is that over the weekend Yahoo published a
DMARC record with a policy saying to reject all yahoo.com mail that
fails DMARC. I noticed this because I got a blizzard of bounces from
my church mailing list, when a subscriber sent a message from her
yahoo.com account, and the list got a whole bunch of rejections from
gmail, Yahoo, Hotmail, Comcast, and Yahoo itself. This is definitely
a DMARC problem, the bounces say so.
The problem for mailing lists isn't limited to the Yahoo subscribers.
Since Yahoo mail provokes bounces from lots of other mail systems,
innocent subscribers at Gmail, Hotmail, etc. not only won't get Yahoo
subscribers' messages, but all those bounces are likely to bounce them
off the lists. A few years back we had a similar problem due to an
overstrict implementation of DKIM ADSP, but in this case, DMARC is
doing what Yahoo is telling it to do.
Suggestions:
* Suspend posting permission of all yahoo.com addresses, to limit damage
* Tell Yahoo users to get a new mail account somewhere else, pronto, if
they want to continue using mailing lists
* If you know people at Yahoo, ask if perhaps this wasn't such a good idea
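
The failure described above, worked through as an added example (it is not part of the quoted message and not any mail system's own code): a receiver-side DMARC check applied to a yahoo.com message sent directly and to the same message relayed by a mailing list. The record text and the host lists.example.org are constructed; the organizational domain is approximated by the last two labels instead of the Public Suffix List, and the pct and sp tags are ignored.

```python
from dataclasses import dataclass, field


def parse_dmarc(txt):
    """Parse a DMARC TXT record ('v=DMARC1; p=reject; ...') into a tag dict."""
    pairs = [p.strip().split("=", 1) for p in txt.split(";") if "=" in p]
    tags = {k.strip().lower(): v.strip() for k, v in pairs}
    # The version tag must come first and must be exactly DMARC1.
    if not pairs or pairs[0][0].strip().lower() != "v" or tags["v"] != "DMARC1":
        raise ValueError("not a DMARC record")
    if tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("missing or invalid p= policy")
    return tags


def org_domain(domain):
    """Assumption: last two labels. Real receivers use the Public Suffix List."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(identifier, header_from, mode):
    """Identifier alignment: 's' needs an exact match, 'r' (default) the same org domain."""
    if mode == "s":
        return identifier.lower() == header_from.lower()
    return org_domain(identifier) == org_domain(header_from)


@dataclass
class Message:
    header_from: str                 # domain in the visible From: header
    spf_domain: str                  # domain of the envelope sender (MAIL FROM)
    spf_result: str                  # "pass" or "fail" for that envelope domain
    dkim: list = field(default_factory=list)  # [(d= domain, "pass" | "fail")]


def evaluate(msg, record):
    """Return (dmarc_result, action) for a message under the From: domain's record."""
    tags = parse_dmarc(record)
    # SPF counts only if it passed AND its domain lines up with the From: domain.
    spf_ok = msg.spf_result == "pass" and aligned(
        msg.spf_domain, msg.header_from, tags.get("aspf", "r"))
    # DKIM counts if any valid signature's d= lines up with the From: domain.
    dkim_ok = any(
        result == "pass" and aligned(d, msg.header_from, tags.get("adkim", "r"))
        for d, result in msg.dkim)
    if spf_ok or dkim_ok:
        return ("pass", "accept")
    # On failure the receiver applies what the domain owner asked for in p=.
    return ("fail", tags["p"])


# Constructed record with the policy the post describes (reject on failure).
RECORD = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.invalid"

# Subscriber mails a recipient directly from the yahoo.com servers.
DIRECT = Message("yahoo.com", "yahoo.com", "pass", [("yahoo.com", "pass")])

# Same author, relayed by a list: the list's own bounce address passes SPF but is
# not aligned with yahoo.com, and a subject tag or footer has broken the signature.
VIA_LIST = Message("yahoo.com", "lists.example.org", "pass", [("yahoo.com", "fail")])

# A list that forwards the message byte-for-byte keeps the author's signature valid.
VIA_LIST_UNMODIFIED = Message(
    "yahoo.com", "lists.example.org", "pass", [("yahoo.com", "pass")])

if __name__ == "__main__":
    for name, msg in [("direct", DIRECT), ("via list", VIA_LIST),
                      ("via list, unmodified", VIA_LIST_UNMODIFIED)]:
        print(f"{name:22s} -> {evaluate(msg, RECORD)}")
```

The relayed message fails on both mechanisms even though the list's own SPF check passes, which is why every receiver that enforces the policy bounces it back to the list.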

Friday, May 09, 2014

New York City Mayor Bill de Blasio is fielding proposals to transform the city’s largely forgotten phone booths into Wi-Fi hot spots, an ambitious project that would create one of the largest public Wi-Fi networks in the country.

The team with the winning proposal will be charged with the installation, operation and maintenance of up to 10,000 hot spots distributed across the five boroughs, according to a statement released Thursday by the mayor’s office.